FEDORA-2016-24316f1f56 created by kdudka 3 years ago for Fedora 24
stable
  • fix re-using connections with wrong client cert (CVE-2016-5420)
  • fix TLS session resumption client cert bypass (CVE-2016-5419)
  • fix use of connection struct after free (CVE-2016-5421)

How to install

sudo dnf upgrade --advisory=FEDORA-2016-24316f1f56
This update has been submitted for testing by kdudka. 3 years ago
This update has been pushed to testing. 3 years ago
User Icon bojan commented & provided feedback 3 years ago
karma

Services depending on libcurl appear to start normally.

User Icon yuwata commented & provided feedback 3 years ago
karma

works for me

This update has been submitted for stable by bodhi. 3 years ago
User Icon cserpentis commented & provided feedback 3 years ago
karma

works for me

User Icon kdudka commented & provided feedback 3 years ago

Thanks for feedback!

This update has been pushed to stable. 3 years ago
User Icon skamath commented & provided feedback 3 years ago
karma

Works for me.


Please login to add feedback.

Metadata
Type
security
Severity
medium
Karma
4
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Dates
submitted
3 years ago
in testing
3 years ago
in stable
3 years ago
BZ#1362183 CVE-2016-5419 curl: TLS session resumption client cert bypass
0
0
BZ#1362190 CVE-2016-5420 curl: Re-using connection with wrong client cert
0
0
BZ#1362199 CVE-2016-5421 curl: Use of connection struct after free
0
0
BZ#1363642 CVE-2016-5419 CVE-2016-5420 CVE-2016-5421 curl: various flaws [fedora-all]
0
0

Automated Test Results